vendor:
Tiny Personal Firewall, ZoneAlarm and ZoneAlarm Pro
by:
SecurityFocus
3.3
CVSS
MEDIUM
Bypassing Packet Filtering
20
CWE
Product Name: Tiny Personal Firewall, ZoneAlarm and ZoneAlarm Pro
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2002
Bypassing Packet Filtering in Personal Firewalls
Due to a common design error, it may be possible for outbound packets to bypass packet filtering in many personal firewalls. Many of these applications only block packets created by the standard Windows protocol adapter. It is possible for a user with administrative privileges to create packets with other protocol adapters that are not evaluated against the personal firewall rules when transmitted. Exploitation will result in a violation of security policy. Tiny Personal Firewall, ZoneAlarm and ZoneAlarm Pro are confirmed vulnerable. It is believed that other applications similar in design may also be vulnerable.
Mitigation:
Ensure that all outbound packets are evaluated against the personal firewall rules, regardless of the protocol adapter used.
